that operation is by a party that is unauthorized for that operation, and 
executes processing to stop the operation related to that input/output data 
(S08). When the attributes do not correspond, the program determines 
whether the acqui red input/output data corresponds to general rules (S07). 
When the data corresponds, the program determines that the operation is 
an inval id opera t ion, and executes processing to stop the opera t ion related 
to that input/output data (S08) . When the data does not correspond, the 
program determines that the operation is proper, and the operation related 
to that input/output data is executed as is. 

WHAT IS CLAIMED IS: 

1. An invalidity-monitoring program for monitoring invalid data, 
which causes a computer to execute an invalid operation, and causes said 
computer to execute: 

a step of acquiring input/output data that is input or output over 
a network that is connected to said computer, or over an externally 
connected bus that connects said computer with an external device; 

a step of identifying ID information from said input/output data for 
identifying a user; 

a step of acquiring at least part of the attribute data corresponding 
to said ID information from a user-information-storage unit that stores 
attribute information for all users having authorization to use said 
computer; 

a step of referencing a determination-rule-storage unit that stores 
rules for determining whether said input/output data is inval id data, and 
determining whether said input/output data is invalid data; and 

a step of stopping execution by said input/output data when it is 
determined in said invalid-data-determination step that said input/output 
data is invalid data; wherein 

said determination-rule-storage unit stores determination rules that 
correspond to user attributes; and 

in said step of determining whether said input/output data is inval id 



data, references said determination rules that correspond to attribute 
information acquired in said step of acquiring attribute information to 
determine whether said input/output data is invalid. 

2. The invalidity-monitoring program of claim 1 that causes said 
computer to execute: 

a step of referencing said user-information-storage unit and 
determining whether the user corresponding to said ID information has 
authorization to use said computer; and 

a step of stopping operation by said input/output data when it is 
determined in said step of determining authorization that there is no 
authorization to use said computer; wherein 

said step of determining authorization is executed before said step 
of determining whether said input/output data is invalid data; and 

when it is determined in said step of determining authorization that 
there is no authorization to use said computer, said program causes said 
computer to not execute at least one of the fol lowing; said step of acqui ring 
attribute information or said step of determining whether said input/output 
data is inval id data. 

3. The invalidity-monitoring program of claim 1 that causes said 
computer to execute: 

a step of referencing a profile-storage unit that stores log data 
related to said input/output data as profiles for each user, and comparing 
input/output data that was acqui red in said data-acquisi t ion step wi th the 
normal operation trend of said user to determine whether operation is 
unusua I ; and 

stopping the operation executed by said input/output data in said step 
of stopping operation executed by said input/output data also when it is 
determined in said step of determining whether operation is unusual that 
operat ion is unusual. 



4. The invalidity-monitoring program of any one of the claims 1 to 
3 that executes a process of interrupting a session in said step of stopping 
the operation executed by said input/output data when said input/output 
data is acqui red from a network in said step of acqui ring input/output data. 

5. The invalidity-monitoring program of any one of the claims 1 to 
3 that stops the process of executing a driver in the step of stopping the 
operation executed by said input/output data when said input/output data 
is acquired from an externally connected bus in said step of acquiring 
input/output data. 

6. An invalidity-monitoring program for monitoring invalid data, 
which causes a computer to execute an invalid operation, and causes said 
computer to execute: 

a step of acquiring input/output data that is input or output over 
a network that is connected to said computer, or over an externally 
connected bus that connects said computer with an external device; 

a step of identifying ID information from said input/output data for 
identifying a user; 

a step of acquiring at least part of the attribute data corresponding 
to said ID information from a user-information-storage unit that stores 
attribute information for all users having authorization to use said 
computer; 

a step of referencing a determination-rule-storage unit that stores 
rules for determin ing whether said input/output data is invalid data, and 
determining whether said input/output data is invalid data; and 

a step of notifying the terminal being operated by said user or 
administrator that the operation being executed by said input/output data 
is an invalid operation when it is determined in said step of determining 
whether said input/output data is invalid that said input/output data is 
inva I id data; wherein 

said determination-rule-storage unit stores determination rules that 



correspond to user attributes; and 

in said step of determining whether said input/output data is inval id 
data, references said determination rules that correspond to attribute 
information acquired in said step of acquiring attribute information to 
determine whether said input/output data is invalid data. 

7. An inval idi ty-moni toring method for monitoring inval id data, which 
causes a computer to execute an invalid operation, comprising: 

a step whereby said computer acquires input/output data that is input 
or output over a network that is connected to said computer, or over an 
externally connected bus that connects said computer with an external 
device; 

a step whereby said computer identifies ID information from said 
input/output data for identifying a user; 

a step whereby said computer acquires at least part of the attribute 
data corresponding to said ID information from a user-information-storage 
unit that stores attribute information for a 1 1 users having authorization 
to use said computer; 

a step whereby said computer references a determination-rule-storage 
unit that stores rules for determin ing whether said input/output data is 
invalid data, and determines whether said input/output data is invalid 
data; and 

a step whereby said computer stops execut ion by said input/output data 
when it is determined in said invalid-data-determination step that said 
input/output data is invalid data; wherein 

said determination-rule-storage unit stores determination rules that 
correspond to user attributes; and 

in said step of determining whether said input/output data is inval id 
data, references said determination rules that correspond to attribute 
information acquired in said step of acquiring attribute information to 
determine whether said input/output data is invalid. 



8. An inval idi ty-moni tor ing method for monitoring inval id data, which 
causes a computer to execute an invalid operation, comprising: 

a step whereby said computer acquires input/output data that is input 
or output over a network that is connected to said computer, or over an 
externally connected bus that connects said computer with an external 
device; 

a step whereby said computer identifies ID information from said 
input/output data for identifying a user; 

a step whereby said computer acquires at least part of the attribute 
data corresponding to said ID information from a user-information-storage 
unit that stores attribute information for all users having authorization 
to use said computer; 

a step whereby said computer references a determination-rule-storage 
unit that stores rules for determining whether said input/output data is 
invalid data, and determines whether said input/output data is invalid 
data; and 

a step whereby said computer notifies the terminal being operated by 
said user or administrator that the operation being executed by said 
input/output data is an invalid operation when it is determined in said 
step of determining whether said input/output data is invalid that said 
input/output data is invalid data; wherein 

said determination-rule-storage unit stores determination rules that 
correspond to user attributes; and 

in said step of determining whether said input/output data is invalid 
data, references said determination rules that correspond to attribute 
information acquired in said step of acquiring attribute information to 
determine whether said input/output data is invalid. 

9. An inval idi ty-monitoring system for monitoring inval id data, which 
causes a computer to execute an invalid operation, and comprising: 

a data-acquisition means for acquiring input/output data that is input 
or output over a network that is connected to said computer, or over an 



externally connected bus that connects said computer with an external 
device; 

an ID-information-identification means for identifying ID 
information from said input/output data for identifying a user; 

a user-information-storage means for storing attribute information 
for all users having authorization to use said computer; 

an attribute-information acquisition means for acquiring at least 
part of the attribute data corresponding to said ID information from said 
user-information-storage means; 

a determination-rule-storage means for storing rules for determining 
whether said input/output data is invalid data; 

an invalid-data-determination means for referencing said 
determination-rule-storage means, and determining whether said 
input/output data is invalid data; and 

a stoppage means for stopping execution by said input/output data when 
it is determined by said invalid-data-determination means that said 
input/output data is invalid data; wherein 

said determination-rule-storage means stores determination rules 
that correspond to user attributes; and 

said invalid-data-determination means references said determination 
rules that correspond to attribute information acquired by said 
attribute-information-acquisition means to determine whether said 
input/output data is invalid. 

10. The invalidity-monitoring system of claim 9 further comprising: 
a use-authorization-determination means for referencing said 

user-information-storage means and determining whether the user 

corresponding to said ID information has authorization to use said 

computer; and wherein 

said stoppage means also stops operat ion executed by said input/output 

data when it is determined by said use-authorization-determination means 

that there is no authorization to use said computer; 



said use-authorization-determination means is activated before said 
invalid-data-determination means; and 

when it is determined by said use-authorization-determination means 
that there is no authorization to use said computer, at least one of the 
following; said attribute-information-acquisition means or said 
invalid-data-determination means is not executed. 

11. The invalidity-monitoring system of claim 9 further comprising: 
a profile-storage means for storing log data related to said 

input/output data as profiles for each user; and 

an unusual-operation-determination means for referencing said 
profile-storage means and comparing input/output data that was acquired 
by said data-acquis i t ion means wi th the norma I operation trend of said user 
to determine whether operation is unusual; wherein 

said stoppage means also stops the operation executed by said 
input/output data when it is determined by said 
unusual-operation-determination means that operation is unusual. 

12. The invalidity-monitoring system of any one of the claims 9 to 
11 wherein 

said stoppage means executes a process of interrupting a session when 
said data-acquisi t ion means acqui red said input/output data from a network. 

13. The invalidity-monitoring system of any one of the claims 9 to 
11 wherein 

said stoppage means stops the process of executing a driver when said 
data-acquisi t ion means acqui red said input/output data from an external ly 
connected bus. 

14. An invalidity-monitoring system for monitoring invalid data, 
which causes a computer to execute an invalid operation, and comprising: 

a data-acquisition means for acquiring input/output data that is input 



